0

我有一段时间想弄清楚这一点。我需要以sp_help_revloginsql 作业(预定方式)运行。的输出sp_help_revlogin通常会被复制并粘贴到另一个查询窗口,然后执行。

我需要基本上做同样的事情,但在一个自动化的 sql 作业中。有没有办法sp_help_revlogin在 sql 作业中运行和执行输出?

第 1 步 - 运行sp_help_revlogin

第 2 步 - 执行第 1 步的输出

到目前为止,这是我为整个过程所做的事情,但我在 SID 上遇到了二进制错误。请参阅下面的评论。

创建表 #tmpLogins( createLoginScript NVARCHAR(4000) ) INSERT INTO #tmpLogins EXEC [FROMLINKEDSERVER].[master].[dbo].[sp_help_revlogin]

声明 @createLoginStatement nvarchar(128) 声明 curCreate CURSOR FOR

SELECT createLoginScript FROM #tmpLogins

打开 curCreate FETCH NEXT FROM curCreate INTO @createLoginStatement; 而@@FETCH_STATUS = 0 开始

EXEC sp_executesql @createLoginStatement
FETCH NEXT FROM curCreate INTO @createLoginStatement;

结束关闭curCreate;DEALLOCATE curCreate;

如果 OBJECT_ID('tempdb..#tmpLogins') 不是 NULL 删除表 #tmpLogins GO

4

1 回答 1

1

sp_help_revlogin 只是您从 micrsoft 下载的一个脚本,因此您实际上可以更改它。

我的修订返回一个可以解析的表,最后只需执行 exec(@myRowVal) 或 google 在 t-sql 中执行动态 sql。

或者,如果您觉得生活很危险;)您可以直接在脚本中执行它,我在其中“插入@output”您可以将其更改为“exec(@tmpstr)”

        CREATE PROCEDURE sp_help_revlogin_With_Output @login_name sysname = NULL 

            AS
            DECLARE @name sysname
            DECLARE @type varchar (1)
            DECLARE @hasaccess int
            DECLARE @denylogin int
            DECLARE @is_disabled int
            DECLARE @PWD_varbinary  varbinary (256)
            DECLARE @PWD_string  varchar (514)
            DECLARE @SID_varbinary varbinary (85)
            DECLARE @SID_string varchar (514)
            DECLARE @tmpstr  varchar (1024)
            DECLARE @is_policy_checked varchar (3)
            DECLARE @is_expiration_checked varchar (3)

            DECLARE @defaultdb sysname

            declare @output table
                (
                    id int IDENTITY(1,1),
                    cmd varchar(max)
                )


            IF (@login_name IS NULL)
              DECLARE login_curs CURSOR FOR

                  SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM 
            sys.server_principals p LEFT JOIN sys.syslogins l
                  ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name <> 'sa'
            ELSE
              DECLARE login_curs CURSOR FOR


                  SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM 
            sys.server_principals p LEFT JOIN sys.syslogins l
                  ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name = @login_name
            OPEN login_curs

            FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
            IF (@@fetch_status = -1)
            BEGIN
              PRINT 'No login(s) found.'
              insert into @output (cmd) values ( 'No login(s) found.')
              CLOSE login_curs
              DEALLOCATE login_curs
              RETURN -1
            END
            SET @tmpstr = '/* sp_help_revlogin script '
            PRINT @tmpstr
            SET @tmpstr = '** Generated ' + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
            PRINT @tmpstr
            PRINT ''
            WHILE (@@fetch_status <> -1)
            BEGIN
              IF (@@fetch_status <> -2)
              BEGIN
                PRINT ''
                SET @tmpstr = '-- Login: ' + @name
                PRINT @tmpstr
                IF (@type IN ( 'G', 'U'))
                BEGIN -- NT authenticated account/group

                  SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'

                END
                ELSE BEGIN -- SQL Server authentication
                    -- obtain password and sid
                        SET @PWD_varbinary = CAST( LOGINPROPERTY( @name, 'PasswordHash' ) AS varbinary (256) )
                    EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT
                    EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT

                    -- obtain password policy state
                    SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name
                    SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name

                        SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' WITH PASSWORD = ' + @PWD_string + ' HASHED, SID = ' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'
                    IF ( @is_policy_checked IS NOT NULL )
                    BEGIN
                      SET @tmpstr = @tmpstr + ', CHECK_POLICY = ' + @is_policy_checked
                    END
                    IF ( @is_expiration_checked IS NOT NULL )
                    BEGIN
                      SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION = ' + @is_expiration_checked
                    END
                END
                IF (@denylogin = 1)
                BEGIN -- login is denied access
                  SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO ' + QUOTENAME( @name )
                END
                ELSE IF (@hasaccess = 0)
                BEGIN -- login exists but does not have access
                  SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO ' + QUOTENAME( @name )
                END
                IF (@is_disabled = 1)
                BEGIN -- login is disabled
                  SET @tmpstr = @tmpstr + '; ALTER LOGIN ' + QUOTENAME( @name ) + ' DISABLE'
                END
                PRINT @tmpstr
                insert into @output (cmd) values (@tmpstr)
              END

              FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
               END
            CLOSE login_curs
            DEALLOCATE login_curs
            select * from @output
            RETURN 0
            GO
于 2013-06-05T06:14:17.153 回答